7-10 years of experience in Information Technology and engineering
5-7 years of progressive information security experience across various information security / information technology risk management domains such as but not limited to: application security, infrastructure security, identity and access management, vulnerability and cyber threat management, security architecture, etc.
2-3 years of previous client facing and advisory experience required. Big4 IT risk management consulting experience a plus.
Lead the production and improvement of compliance, quality, and timing of enterprise security architecture for client / delivery teams
Demonstrated project management experience required.
Previous knowledge and expertise in designing and architecting information technology and security controls across complex and diverse networks, applications and infrastructures
Technical aptitude and critical thinking skills while having the ability to think outside the box, demonstrated ability to solve complex information security problems, ability to observe security risks and weaknesses and provide security recommendations to respective project and delivery teams
Ability to translate technical risk issues and distill such issues to common IT business leaders and upper management
Ability to build complex information security designs geared at demonstrating DiD approaches, as well as demonstrate the principals of CIA in a given design
Ability to design and incorporate security designs in new, legacy, and in environments undergoing general IT transitions / upgrades
Understanding of the current information security and IT risk management solutions market and vendor spaces across broad security domains
Work with program managers to develop project plans, estimation documents, specifications, diagrams, and flowcharts
Subject matter expert (SME) across the entire IT stack as well as diverse IT systems, networking and security components, applications, and operating systems. Solid understanding as to how to mitigate risks with common controls such as WAFS, IDPSs, MPSs, AWL, etc.
Ability to think strategically, strong attention to detail and organization skills
Understanding of information risk management frameworks, regulations, data protection guidelines and standards
Experience with working on global teams across time zones, cultures and languages. Experience leading information security project delivery a plus.
Experience authoring reports, data flow diagrams, and Visio drawings for security systems and networks required.
Bachelors Degree in Computer Science, Engineering or related field required
CISSP, CISM, or other relevant information security industry recognized certification preferred